Demystifying threats to satellite communications in critical infrastructure
Satellite communications are an integral part of many industrial control systems across many sectors, but their usage specifically in critical infrastructure continues to be misunderstood by the industry. While there has been multiple investigations into vulnerabilities and exploitation methods of satellite systems, less attention has been given to threat vectors and how they actually impact the environments that rely on them – much buzz was generated by the Viasat outages in February and their effect on European wind turbines, but not on how much the service disruption actually impacted these systems. Furthermore, a lot of guidance into securing satellite communication systems focuses heavily on military applications, which can have different architectures and needs than those deployed in critical infrastructure networks.
Drawing on lessons learned from recent incident responses involving satellite companies and systems, this talk will cover the basics of how different sectors rely on satellite communications, trust relationships of the satellite provider ecosystem that could be potentially abused by threat actors, how various attack methods could actually impact infrastructure processes, and potential detection methods of abuse.
MJ Emanuel is an incident response analyst at the U.S. government’s Cybersecurity & Infrastructure Security Agency (CISA). Her work focuses on industrial controls systems, threat intelligence, and forensics.
Prior to joining CISA, she was a malware and CTI analyst at the National Cyber Forensics and Training Alliance. She has a BA in environmental studies from Hendrix College and an MS in information security policy and management from Carnegie Mellon University.